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A computerized electronic forms generation system for the electronic completion, 
printing and filing of forms is provided. The user is presented with a catalog of graphically 
represented form-templates, from which the user selects form- templates to customize. After 
customization and review, the user has access to a catalog of graphically represented 
customized forms to complete, modify, file or 44ete. The electronic forms generation system 
allows the user to inspect visually the forms and form-templates in various sizes, enabling the 
user to scale the forms from a full-size representation to an all-on-one screen representation. 
A "point and dick* method, using a display screen, a keyboard and mouse, enables the user 
(1) to select a form-template and (2) to enter the custom information in answer to the system 
prompts. The system also manages complex file functions during the completion, filing and 
printing of the forms without intervention by the user. The system provides for the generation 
of printed blank or completed customized forms. 
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METHOD AND SYSTEM FOR AN 
ELECTRONIC FORMS GENERATION USER INTERFACE 

FIELD OF THE INVENTION 

5 The present invention relates in general to 

electronic forms generation systems and the electronic 
creation, completion, printing and filing of forms. In 
particular, this invention relates to a method and system 
for selecting a form-template from an existing catalog of 
10 graphically represented form- templates, customizing the 
form-template, thereby creating a personalized catalog of 
graphically represented customized forms, and thereafter 
completing and processing these customized forms. 

15 BACKGROUND OF THE INVENTION 

In connection with microcomputers and computer 
work-stations, there are a number of electronic form 
generation systems available to facilitate the task of 
creating electronic forms, completing these forms and 

20 then printing, filing or otherwise processing these 
forms. These prior art systems for the creation of 
electronic forms require the use of complicated multi- 
step instruction sets. On the basis of training and 
experience in using sophisticated instructions, rules and 

25 protocols, the user learns to create these forms 
utilizing electronic tools. 

Some such systems include sample forms. First, 
sample forms must be loc *d by using a complex filing 
system. After locating the sample forms, they must be 

30 examined to determine their suitability for the intended 
purpose. Any generic name and address references must be 
removed and replaced with the user's customized 
information. The user then gives this new customized 
form an identifying name, which is later employed to 

35 retrieve it from the system. Third, the newly completed 
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form is re-filed through the same complicated file-naming 
convention originally used to locate it. 

To re-access these customized forms, the user 
must be familiar with the system's file-naming 
5 conventions and must remember the name assigned to each 
customized form. Without the name, the user may have to 
recall and review every form stored in the system. These 
processes demand significant amounts of education by the 
user and also require numerous keystrokes to proceed 
10 through the program to achieve the desired result. 

Some forms-generation packages which use these 
conventions are JetForm™ form generation software from 
JetForm Corporation, Per Form Pro Plus™ form generation 
software from Delrina Technology Incorporated, FormWorx™ 
15 from Spinnaker Software Corp., Informs™ from Word Perfect 
Corporation and Windform™ from Windform Corporation. 

SUMMARY OF THE INVENTION 

Accordingly, an object of the present invention 
20 is to provide an improved forms generation method and 
system in which a personal-computer user, who lacks 
experience or training with said system, may (1) select 
form-templates from a catalog of graphically represented 
pre-designed form-templates, (2) customize these forra- 
25 templates with name, address, phone number and other 
custom information in order to (3) create a catalog of 
customized forms. Once created, this graphically 
represented catalog readily allows for the selection of 
customized forms along with the completion, printing, 
30 filing and deletion of the customized forms. 

A further object of the invention is to provide 
the user with an interface which enables the user more 
easily to generate, complete and file forms. 
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Additionally, an object of the present 
invention is to create an electronic forms generation 
system that uses available complex forms generation 
software as the basis for the improved electronic forms 
5 generation systems of the present invention. 

A further object of the present invention is to 
enable the user of an electronic forms generation system 
to visually inspect the forms and form-templates in 
various sizes, enabling the user to scale the forms from 

10 a full-size representation to an all-on-one-screen 
representation . 

The electronic forms generation system of the 
present invention consists of hardware and software. An 
electronic forms generation system according to the 

15 present invention would require, at a minimum, a personal 
computer, personal workstation, microcomputer or 
equivalent with an 80386 microprocessor or equivalent and 
at least 4MB RAM and storage capacity of at least 40MB. 
An operating system under which the software of the 

20 present system operates is Windows™ from Microsoft 

Corporation or an equivalent graphical user interface 
such as OS2 from IBM, System 7.0™ from Apple Corporation 
or NextStep™ from NEXT Corporation. Additionally, a 
complex electronic forms generation software package such 

25 as JetForm™ form generation software from JetForm 

Corporation, PerForm Pro Plus™ form generation software 
from Delrina Technology Incorporated, FormWorx™ from 
Spinnaker Software Inc., Informs™ from Word Perfect 
Corporation or WindForm™ from Windform Corporation is 

30 used as part of the system. One skilled in the art could 
develop an electronic forms generation system, providing 
through his or her own software, functions similar to 
those provided by the commercial software application 
packages described above. 
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The electronic forms generation system presents 
to the user a catalog of graphical representations of the 
form-templates. A "point and click" method, using a 
display screen, a keyboard and mouse, enables the user 
5 (1) to select a form-template and (2} to enter the custom 
information in answer to the system prompts. The system 
itself manages the sophisticated functions; it assembles 
a custom catalog of graphically-represented form- 
templates and combines the customizing information with 

10 each form-template. Therefore, the ordinary computer 
user is not required to understand complex programming 
techniques or to comprehend sophisticated instruction 
sets or program rules and conventions. 

Further, the size of the graphical representa- 

15 tions displayed in the forms system can be adjusted by 
the user from full size to an all-on-one-screen reduced 
size. This allows the user to create visually and review 
a form-template in various sizes rather than only a 
portion of the form-template. 

20 The system also manages the completion, filing 

and printing of the forms (blank or completed) as 
required by the user, without intervention by the user. 
This present system can be used by computer users who are 
untutored in its use, because it does not require the 

25 learning of difficult or complex user interface commands, 
rules or conventions, such as those required for filing 
and retrieving forms in the prior art systems. 



BRIEF DESCRIPTION OF THE DRAWINGS 
30 FIG. 1 is a flow diagram depicting the flow of 

system control from the main user interface in an 
embodiment of the present invention. 
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FIG. 2 is a flow diagram depicting the catalog 
function as implemented in an embodiment of the present 
invention. 

FIGS. 3 A and 3B are flow diagrams depicting the 
5 customize function as implemented in an embodiment of the 
present invention . 

FIG. 4 is a flow diagram depicting the review 
function as implemented in an embodiment of the present 
invention. 

10 FIG. 5 is a flow diagram depicting the run 

function as implemented in an embodiment of the present 
invention. 

FIG. 6 is a depiction of the main user 
interface screen as implemented in an embodiment of the 
15 present invention. 

FIG. 7 is a depiction of the form-template 
catalog as implemented in an embodiment of the present 
invention. 

FIG. 8 is a depiction of the customize user 
20 interface screen as implemented in an embodiment of the 
present invention. 

FIG. 9 is a depiction of the logo selection 
screen as implemented in an embodiment of the present 
invention. 

25 FIG. 10 is a depiction of the layout selection 

screen as implemented in an embodiment of the present 
invention. 

FIG. 11 is a depiction of the review screen as 
implemented in an embodiment of the present invention. 
30 FIG. 12 is a depiction of the custom catalog as 

implemented in an embodiment of the present invention. 
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DETAILED DESCRIPTION OF THE INVENTION 

In a preferred embodiment of the present 
invention an electronic forms generation system includes 
a central processing unit, a memory, a user data input 
5 device, a data display device, a data storage device, a 
printer, a computer operating system, an electronic forms 
generation software application and a software- 
implemented user interface. The user interface, in 
conjunction with the hardware described above, presents 

10 to a user a catalog of graphically represented form- 
templates. The user is provided an interface with which 
to graphically review and select form-templates for a 
custom form catalog. The selected form-template is then 
customized by the user. The customized form is 

15 graphically reviewed by the user and, if approved, 

becomes part of the user's custom form catalog. The 
customized forms from the custom form catalog can then be 
completed, filed, modified or deleted. Completed or 
blank customized forms can be generated through the 

20 printing device. 

The electronic forms generation system of the 
present invention comprises both hardware and software 
components. An electronic forms generation system 
according to the present invention would require, at a 

25 minimum, a personal computer, personal workstation, 

microcomputer or equivalent with an 80386 microprocessor 
or equivalent and at least 4MB Random Access Memory (RAM) 
and storage capacity of at least 4 0MB. The storage 
capacity could be a magnetic disk, such as a hard disk or 

30 floppy disk drive and the requisite software drivers. 
Also, a printer and its associated printer driver is 
necessary to generate hard-copy printouts of the 
completed or blank forms. 
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The software necessary to operate the system 
comprises an operating system under which the software of 
the present system operates, i.e. Windows™ from Microsoft 
Corporation or an equivalent graphical user interface 
5 such as 0S2 from IBM, System 7.0™ from Apple Corporation 
or NextStep™ from NEXT Corporation. Additionally, a 
complex electronic forms generation software package such 
as JetForm™ form generation software from JetForm 
Corporation, PerForm Pro P2 form generation software 

10 from Delrina Technology Incorporated, FormWorx™ from 
Spinnaker Software Inc., Informs™ from Word Perfect 
Corporation or WindForm™ from Windform Corporation is 
used as part of the system. Alternatively, the 
underlying complex forms generation package could be 

15 developed by one skilled in the art to provide the 

functions found in the commercial software application 
packages described above. 

The electronic forms generation system of the 
present invention, as disclosed herein, presents to the 

20 user graphical representations of form-templates 

comprising a catalog of form-templates. The form- 
template catalog is supplied to the user as part of the 
system. The system presents to the user electronic forms 
and form-templates in an environment more like the 

25 traditional non-electronic environment, i.e., visually. 
The system manages the generation of graphical form 
representations and permits the user to customize forms 
using a user interface of visual representations. FIG. 1 
illustrates the flow of the system from the main user 

30 interface screen 100. 

The main user interface screen as depicted in 
FIG. 6 prompts the user with a series of "buttons." 
Using the user input devices such as the keyboard or 
mouse, the user selects a "button" with an electronic 
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pointer shown on the user interface screen by an arrow 
and then clicks on the catalog button by depressing a 
button on the keyboard or mouse. One skilled in the art 
can appreciate that other devices such as a touch 
5 sensitive screen or joystick and keyboard combination 

could allow the user to "point and click" at various user 
interface screen "buttons"." The system, waiting for the 
user input 110, 130, 150, 170, i.e., the positioning of 
the electronic pointer and the button depression, reacts 

ID by sending control to one of four sub-routines: catalog 
120, customize 140, review 160 and run 180. 

The first time a user operates the system no 
custom catalog for the user exists. The system 
identifies the first time user by determining whether 

15 custom forms exist in the system. During the first use 
of the system by the user, the catalog button is 
highlighted in some way so as to notify the user that no 
other function can be selected. Thus, the system prompts 
the user to create his or her custom catalog. If custom 

20 forms exist, then the system has already been used and 
the first-time user set-up will be bypassed, unless the 
user specifically requests to run the set-up procedure 
during a subsequent use of the system. The user exits 
the program in a preferred embodiment through the exit 

25 "button". 

Once the catalog "button" is selected by the 
user, the system presents the user with a catalog of 
graphically represented forms. FIG. 7 depicts one 
possible configuration of the catalog of form- templates 
30 with which the user is presented. 

FIG. 2 depicts the flow of the system during 
use of the catalog function 120. The user reviews the 
displayed graphical catalog 225, by viewing various pages 
of the catalog 230 and selects a form-template category 
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240 by pointing and clicking on a graphical 
representation of a form-template within a category. 
Prior to selection, additional pages of the form-template 
catalog may also be viewed by the user 230. The name of 
5 the category is included in the graphical representation. 

Upon selection of the category, the user is 
presented with multiple choices of form-templates 245 
within that category, each being distinctive in its 
appearance and usage. For example, in a category 

10 entitled "Fax cover sheets" entries might appear for 8 
1/2 inch by 11 inch, legal sized, portrait, or landscape 
facsimile cover sheets. Each form is represented by an 
accurately scaled graphical representation of the form 
with a brief description of the type of form which it 

15 represents. The user can select 250 any of the choices 

by pointing and clicking on that graphical representation 
using the electronic pointer controlled by the mouse and 
a button on the keyboard or mouse. The choice is then 
scaled to a larger size and displayed. 

20 The user is provided different form size 

choices from actual size to a reduced but recognizable 
size depicting the entire document 260. The user is also 
provided with "point and click" screen buttons allowing 
for the navigation around and review of all parts of the 

25 form. 

After sufficiently examining the form-template 
and being satisfied with the choices, the user points and 
clicks the select button to select the form-template for 
the user's custom catalog. The system then marks 270 
30 that form-template as being selected for the custom 

catalog, and the program returns the user automatically 
to the main catalog screen 225. On that screen, the user 
is notified that he has selected a form-template for that 
category. The process is continued on a category-by- 
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category basis, allowing the user to select or bypass any 
of the offered categories and the f orm-templates therein 
until the user has completed the review 280. 

At the end of the process, the user is returned 
5 to the main screen 290. The system acknowledges that the 
user has finished with the review of the catalog process 
and notifies the user by modifying the catalog "button" 
or placing a check next to the catalog "button", and 
prompts the user to select the next step, "customize" 
10 140. 

FIGS, 3A and 3B are diagrams that depict the 
flow of the system during the customize process. The 
user points and clicks the customize button and is 
presented with a screen in which he is asked to enter his 

15 corporate name 310. FIG. 8 depicts the user interface 
screen for the customize function in one embodiment of 
the present invention. Once the user has input the 
corporate name, the system provides the user with type 
style choices 312. The user is presented with the names 

20 of the type styles on the screen next to the corporate 

name. The user may point and click on any type style and 
the system automatically changes the previously typed 
name into that type style 314. Thus, each type style may 
be visually reviewed by the user permitting the user to 

25 select the appropriate type style 316. 

The next user interface window of the customize 
interface screen prompts the user for the address, zip 
code, and the pertinent telephone, facsimile or other 
numbers 32 0. The user then again selects the appropriate 

30 type style using the previously described method 322, 
324, 326. The name and the address type styles may be 
different from each other. 

After inputting the name and address and 
selecting the type style, the user is offered the option 
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to select a logo 330 by the using the "point and click" 
method on the "select logo" button depicted on the user 
interface screen- The user interface then presents the 
user with a new screen giving the user a number of "point 
5 and click" buttons on the screen allowing the user to 
choose various methods of inputting a logo 332. FIG. 9 
is a depiction of the logo selection screen of one 
embodiment of the present invention. The first choice is 
to select a standard logo 340. Upon selecting that 

10 "button",, the user is given a selection of pre-drawn 
generic logos with representations of different 
industries, professions, locales, animals, plants or 
other various logo selections 342. The user can choose 
any of these standard drawings by using the previously 

15 described "point and click" method 344. The system then 
stores the logo selection for the form-template 346* 

The next logo "button" selection allows the 
user to import a custom graphic of the user's own logo 
from the disk drive 350. These custom logos have been 

20 either drawn or scanned into any of several acceptable 
standard computer conventions and put on diskette, 
magnetic hard disk, CD-ROM (optical disk) or other data 
storage medium. The method for loading this information 
into the computer is to insert the storage medium into 

25 the computer if necessary and type a command which causes 
the computer to load the information from the medium into 
the system 352. The third choice is to allow users of 
Windows™ operating system software to import a file - 
containing a logo which would previously have been placed 

30 in the imported files by the user 360. The imported file 
could be brought into the Windows™ operating system 
environment from a magnetic or optical storage media, 
drawn in the environment with a drafting package or 
scanned into the Windows™ operating system environment. 
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In either case the user must input a file name, 352 or 
3 62 and the system must store the file for the custom or 
windows logos 354 or 364, The fourth selection is for 
"no logo", meaning that no custom logo will be inserted 
5 on the form 370. 

Once the logo selection has been completed, a 
screen showing the name, address, type styles and logo is 
displayed and the user is presented with a "continue" 
button. The "continue" button is pressed (through the 

10 "point and click" technique) and the user is then 

provided with a selection of layouts 380 in which the 
user's name, address and numbers as well as the logo are 
depicted together with various spatial relationships so 
as to allow the user to custom select the appearance 

15 which is most pleasing to the user. FIG . 10 is a 

depiction of the layout screen of one embodiment of the 
present invention. The graphical depiction of a number 
of spatial relationships enables the user to customize 
the form-template without having to use a complex set of 

20 electronic tools. 

Any reduced-size customized spatial 
relationship can be reviewed full size by pointing and 
clicking on the button which contains the graphical 
representation of the spatial relationship. The 

25 appropriate spatial layout is selected 385 through "point 
and click" and the user is then returned 390 to the main 
screen 100. 

The main user interface screen then indicates 
that the user has completed both the "catalog" and 
30 "customize" sections of the system and is prompted to 
select "review" 160. The user points and clicks the 
"review" button and a user interface screen is displayed 
showing the review screen with each previously selected 
form-template represented in a reduced but accurate 
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graphical representation of the actual form with custom 
information. FIG. 11 is a depiction of one possible 
review screen presented to the user in a preferred 
embodiment of the present invention. During the review 
5 process, the custom catalog includes a place to mark 
those documents reviewed by the user. 

FIG. 4 is a diagram of the system flow during 
the review process. Each form in the displayed custom 
form catalog 410 includes the appropriate category name 

10 inserted on the button with the form. By selecting 412 a 
form "button" the user is presented with a graphical 
representation, all on one screen, of the form 416 
including the user's custom information. All information 
is properly laid out and sized to fit the form. The user 

15 is presented with an additional on-screen "button" 

permitting the user to review the form in various sizes 
from actual size to the entire form on one screen 417, 
418. The user may also further customize the form by 
enlarging or reducing the size of the custom information 

20 420, 430 as well as its position on the form 440, 450. 

After selecting the appropriate sizes and 
locations and selecting the number of copies to print 
455, the user can elect to approve the form 460 at which 
time the system marks the form approved 470. The program 

25 then provides the user with the next form for the same 

process 480. Alternatively, the user is given the option 
to review each form before approving any of the forms by 
clicking a "next selection" button. Once all the forms 
have been approved, the program automatically returns the 

30 user 490 to the main user interface screen 100* 

At this point, the user has provided all the 
necessary information and made the necessary choices so 
as to create his own catalog of customized forms and has 
reviewed the forms. The program acknowledges that he has 
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completed the first three steps and prompts him to 
proceed to the fourth step M run" 180. From this point 
forward , when the user selects the "run" button, the 
system automatically retrieves the user's customized form 
5 catalog from secondary storage, such as the hard disk 

drive of the system. If, at some time in the future, the 
user desires to add a form, delete a form, or re- 
customize a form, the user can then go through the 
previously described "set-up" procedure again. Unless 

10 such a change is requested, the system presents the user 
with the customized forms catalog. FIG. 5 depicts the 
flow of the system during the run function. After 
selecting the "run" button, the user is presented with 
the custom form catalog 510 of graphical representations 

15 of the customized forms in accurate but reduced form. 

FIG. 12 depicts one possible custom form catalog that is 
presented to the user in a preferred embodiment of the 
present system. Using the point and click method the 
user can select a graphical representation of a form 

20 category 512. 

The user is then presented with a user 
interface screen containing two buttons: one for 
selecting blank forms and a second for selecting 
completed and filed forms. The blank forms "button" is a 

25 small graphical depiction of the blank form 524 in a 

preferred embodiment of the present invention. The filed 
forms "button" is a small graphical representation of a 
file folder 522 in a preferred embodiment of the 
invention. By clicking on the blank form 524, the user 

30 selects the option of completing a blank form 530 and is 
presented with a blank customized form, in full-size 532. 
Every field of the form can be completed by the user. 
The completion data is collected 534 and stored 536 by 
the system in memory or the data storage device. The 
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first field is selected and each subsequent field is 
automatically selected once the previous field has been 
completed. 

By selecting the file folder 538 the user is 
5 presented with a selection of previously filed forms that 
reside in that file folder 539. The user may then 
retrieve one of these completed form 540 which is then 
displayed by the system 541. 

Additional "buttons" allow the user to either 

10 print 550, delete 560 or file 570 the completed form. To 
print the form, the user simply presses the print 
"button". The system will automatically print one form 
unless the user selects a different default number to be 
printed. If desired, the form can be printed in blank 

15 before it is completed or it can be printed after being 
completed. The completion data template and custom data 
form will print together simultaneously 552. There is no 
need for the user to specify separate data and form files 
in the system for printing. The data files are then 

20 merged 554 and sent to the printer 556. 

When the user wishes to file 57 0 a completed or 
modified form, the user selects the file button and is 
prompted with a window which requests him to specify a 
descriptive name 572 for the completed form. The user 

25 types in a name for the completed form and indicates that 
he is done, at which point the form is automatically 
filed in the system's file cabinet, i.e., magnetic or 
read/write optical storage. The form is automatically 
filed in a folder marked by the descriptive name of the 

30 form category, i.e., "facsimile cover sheets", or 

"expense reports". The descriptive name is preferably 
on or near the file folder or its "button". All related 
data files for the completed form are stored by the 
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system 574. Thus, the user need remember only one 
descriptive file name to recall a completed form. 

To locate a previously filed form, the user 
first determines the category of form from the main 
5 custom catalog selection screen 510 and selects a form 
category 530. The user is then given a choice of 
selecting a blank form 530 or filed forms 538 in the file 
folder within that category. When selecting the filed 
forms, the category of the file folder is displayed open 

10 with an accurately reproduced miniature graphical 

representation of each filed form with the file name 
displayed within the button image of that form. In a 
preferred embodiment the file name is placed on the filed 
form button. Alternatively, the name of the form should 

15 be placed near the filed form button to which it refers. 
By clicking on the graphical representation, the form is 
automatically retrieved 540 and displayed to the user 
541. The user then has a choice of printing 550 the 
form, filing the form 570, modifying 542 the completion 

20 data for that form or deleting the form 560 by clicking 
on the form "throw-out" button. In filing the form 570, 
the user is prompted for a descriptive file name which is 
used to identify the document 572. Upon completion, the 
user may elect to return to the main screen 59 0 by 

25 pointing and clicking on the "back to steps" button. 

A preferred embodiment of the present invention 
provides the user with a pre-customized catalog of 
graphically represented forms. This system enables the 
user to complete forms with user data, file the forms and 

30 print the forms without requiring the user itself to 

customize the forms. Thus, this embodiment of the forms 
generation system provides the user with a limited set of 
functions, simplifying the user interface to a greater 
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degree than the other preferred embodiment described 
herein. 

The user is presented with the same type of 
graphically reprinted forms. However, rather than form- 
5 templates, which the user must customize, this embodiment 
of the system supplies the user with pre-customized 
forms. The user selects the pre-customized form to 
complete. The form is then retrieved automatically by 
the system and the user is presented with data fields for 

10 the input of form completion data. The completed form 
may then be filed, deleted, or printed by the user as 
with the first embodiment. FIG . 5 depicts the flow of 
data during use of this embodiment of the system and FIG. 
12 depicts one possible custom catalog of graphically 

15 represented custom forms which would be presented to the 
user in this preferred embodiment of the system. 

The foregoing description of the invention 
describes only two of the preferred embodiments of the 
present invention. It should be appreciated that 

20 modifications could be made by those skilled in the art 
to the embodiment described herein and that such 
modifications would still result in a system that is 
within the scope of the invention as claimed below. 
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CLAIMS 

1* An electronic forms generation system, 

including a central processing unit, a memory, a user 
data input device, a data display device, a data storage 
5 device, a printer, an operating system, electronic forms 
generation application software and a software- 
implemented user interface including: 

means for presenting to a user a catalog of 
graphical representations of form-templates; 
10 means for graphically reviewing and selecting 

form-templates; 

means for customizing selected features of the 
selected form-template to create a customized form; 
means for graphically reviewing the customized 

15 form; 

means for completing a customized form; and 
means for generating blank and completed 
customized forms. 

20 2. The electronic forms generation system of claim 

1 wherein the means for reviewing the form-templates and 
customized forms includes means for scaling the graphical 
representation of the form or form-template. 

25 3. The electronic forms generation system of claim 

1 wherein the system includes means for printing forms 
and a means for storing completed forms. 

4- The electronic forms generation system of claim 

30 1 wherein the system includes means for inputting form 
completion data. 
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5. The electronic forms generating system of claim 

4 including means for merging the customized form with 
the form completion data file without user intervention, 

5 6. An electronic forms generation system, 

including a central processing unit, a memory, a user 
data input device, a data display device, a data storage 
device, a printer, a computer operating system, 
electronic forms generation application software and a 
10 software-implemented user interface including: 

means for presenting to a user a catalog of 
graphical representations of customized forms; 

means for reviewing the customized forms; and 
means for generating blank and completed 
15 customized forms. 

7. The electronic forms generation system of claim 
6 including means for scaling the graphical 
representation of the form. 

20 

8. The electronic forms generation system of claim 
6 including means for printing forms and a means for 
storing completed forms. 

25 9. The electronic forms generation system of claim 

6 including means for inputting form completion data. 

10. The electronic forms generating system of claim 

9 including means for merging the customized form with 
30 the form completion data file without user intervention. 
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11. An electronic forms generation method 

comprising the steps of: 

presenting the user with a catalog of graphical 
representations of form-templates; 
5 allowing the user to review and select a form- 

template; 

presenting the user with selected features of 
the selected form-template; 

allowing the user to customize the selected 
10 features of the form-template; 

presenting the user with a graphical 
representation of the customized form-template for 
review and modification of the customized features 
in order to generate a customized form; 
15 allowing the user to select a customized form; 

allowing the user to complete form data fields 
on the selected custom form; 

generating the completed customized form; 
printing the completed form; and 
20 filing of the completed form. 

12. The electronic forms generation method of claim 

11, including the steps of: 

retrieving the form-template; 
25 retrieving the customization data; 

retrieving the form completion data; and 
merging the form-template, customization data 
and form completion data without user intervention. 

30 13 • An electronic forms generation method 

comprising the steps of: 

presenting the user with a catalog of graphical 
representations of customized forms; 
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allowing the user to review a set of 
customized form; 

allowing the user to select a customized form; 
allowing the user to complete form data fields 
5 on the selected customized form; 

generating the completed customized form; 
printing the completed form; and 
filing the completed form. 



10 14. The electronic forms generation method of claim 

13, including the steps of: 

retrieving the form-template; 
retrieving the customization data; 
retrieving the form completion data; and 
15 merging the form-template, customization data 

and form completion data without user intervention. 
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THREE TIER FINANCIAL TRANSACTION SYSTEM 
WITH CACHE MEMORY 



Field of the Invention 

This invention relates to customer access to records maintained on financial institution account 
5 systems, and more particularly, to systems for interfacing client programs over an open network to 
legacy databases in financial institution computer systems. 

Background of the Invention 

Computer systems which permit customers to obtain information about their individual financial 
accounts or to direct financial transactions involving their accounts are known. In one type of previously 

10 known systems, a main frame computer controls access to financial institution accounts and maintains a 
database of financial transaction information for its customers. The database management systems in 
these types of financial systems are typically proprietary and many are not compliant with known 
standards for Relational Data Base Management Systems ("RDBMS"). Transaction data is typically 
provided to these types of database management systems from terminals at teller locations, front-end 

15 processors for automated teller machines, or other machines which read checks or other financial 
instruments to convert data to a form compatible with the database management system. 

To permit users to access a database in this type of system, multiple telephone lines coupled with 
voice-response units (VRUs) are provided. The voice response units, in turn, are coupled to front-end 
processors for controlling communications between a main frame computer and the VRUs. To access 

20 account information, a customer makes a telephone call using a touch-tone telephone to one of the 
telephone lines coupled to a VRU. The voice response unit provides an audio menu from which a 
customer selects an entry by depressing a button corresponding to the entry on the user's touch tone 
telephone. By traversing a menu structure in this manner, a user can generate a query for an account 
balance, last transaction, or other financial information obtained in the user's account. The voice 

25 response unit provides the selected request or command to the front-end processor which converts the 
data message to a format compatible with the database management system on the mainframe computer. 
Once the data was retrieved, it is returned to the front-end processor, provided to the voice response unit 
for conversion to audio information, and provided over the telephone line to the user. 

These systems suffered from a number of limitations. For one, users have to remember all menu 
30 selections provided by the voice response unit. Likewise, users have to write down the information that 
was provided over the voice response units for their records. In addition, the entry of data is more 
cumbersome because users only have ten or twelve keys available for input. 
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In an effort to overcome these and other limitations of the voice response systems, systems were 
developed in which a user could use a personal computer ("PC") and a modem to communicate with 
computers at the financial institution. In this type of system, the customer is provided with a program 
which the user loads on his or her PC. This program facilitates the user's control of the computer's 
5 communication controller to call the financial institution using the PC's modem. At the financial 
institution, the telephone lines are provided with modems for communicating messages from the user's 
PC to a communication processor. The communication processor controls the interaction with the user. 
The menu selections are either generated by the program at the user's computer or downloaded from the 
communication processor for display at the user's computer. This visual display facilitates the user's 
10 interaction with the system. In addition, the PC keyboard provides the user with a more versatile 
component for entering data. Also, data retrieved from the database and provided from the front-end 
processor to the communication processor can be down-loaded to the user's PC and displayed. The user 
can then store the information in the user's computer memory or print the information. 

While this type of system overcomes limitations of previously known systems which utilize 
15 audio methods, it still requires a user to make a telephone call to the financial institution in order to be 
coupled to the financial institution's computer system. When the user is in an area outside the local 
calling area of the computer system, a long distance telecommunication charge is incurred. If the 
amount of information to be downloaded is substantial, the charges may be significant. Another 
limitation of these systems is the requirement that the financial institution provide at a nominal or no 
20 charge, a computer program for the user to load onto his or her PC. As the installation of a computer 
program requires more knowledge about a user's PC than some users know, customer frustration arises 
during efforts to load the financial institution communication program onto a user's PC. In order to 
provide support for these users, the financial institutions have to contract or employ computer 
professionals for providing telephone assistance to these users. These overhead costs may be significant 
25 for the financial institutions. 

Within the last decade, the Internet has become a more commonly used form of computer 
communication. The Internet is a network of computer networks, all of which communicate m a 
standard communication protocol. Information is routed through these networks by computers known as 
routers which translate mnemonic addresses to Internet protocol addresses. One communication protocol 
30 supported by the Internet is the Hyper Text Transport Protocol ("HTTP"). This protocol was adopted for 
the communication of graphical and text information across the Internet. This form of communication 
became more popular as client programs, known as web browsers, became commercially available and 
user friendly. Accordingly, many computer users obtained commercially available browsers so they 
could "surf' the Internet and obtain files from servers coupled to the Internet which were written in the 
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Hyper Text Mark-up Language ("HTML"). Today, many computers are provided with web browsers 
without requiring user installation. 



Companies or individuals which couple servers to the Internet for providing product and service 
information to potential customers recognize that more than just a few files can be maintained at the site 
5 for user access. Specifically, server operators use a server coupled to the Internet to provide queries 
from users communicated in the HTTP or other Internet protocol to a "gateway". A gateway can be an 
application program or a separate system which converts user queries from an Internet protocol to one 
compatible with a database coupled to the gateway. If more than one database is coupled to the gateway, 
the gateway performs the function of converting the user queries to the appropriate query language 
10 format for the database coupled to the gateway. Most databases coupled to a gateway are relational 
databases which may be accessed according to an open database compliant standard ("ODBC"). 
Companies which maintain data records in non-relational databases also want to present information to 
users over the Internet. These non-relational databases are commonly known as legacy databases as they 
are viewed as a legacy left from the period preceding relational data base usage. 

1 5 One model developed for providing access to legacy databases over an open network, such as the 

Internet, is a three tier model. In the three tier model, a database interface is provided for communicating 
with the database management system which operates and controls the legacy database or other back end 
processor. A client interface for communicating with a client program executing on a user's computer is 
also a component of the three-tier system. Interposed between the database interface and client interface 

20 is a business logic component. The business logic component processes client requests received by the 
client interface with data obtained from a legacy database through the database interface. The database 
interface converts data received from a legacy database to a format compatible with the business logic 
component and converts the data requests generated by the business logic component to a format 
compatible with the legacy database. 

25 While the three tier model provides user access to a legacy database, it too suffers from 

limitations. For one, if the number of users communicating with the client interface is significant, the 
business logic component may generate more data requests than the legacy databases can process. This 
is hardly surprising as these databases were developed to process data requests from a smaller number of 
users. For example, a bank database expected requests from a limited number of users — i.e., the numbeT 

30 of tellers — rather than the number of bank customers which is possible for a system accessed via the 
Internet. As a result, the legacy databases may not be able to provide responses quickly enough to 
support real time customer interaction. Most known three-tier systems, as a result, either store user 
commands for batch processing at a later time or store them in a queue for near-time processing of 
account information requests. That is, user directed financial transaction commands were stored for 
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batch processing by the legacy databases and account inquiries were supplied by the database interface to 
the legacy database through a queue to buffer the requests during periods of high demand. Thus, the 
limitations of legacy databases made real time execution of user commands difficult in systems where 
access to the system was made available to a large number of users. Because the user commands are 
5 processed in batch mode, legacy databases were updated to reflect user commands overnight and, in 
some instances, where several legacy databases had to be updated to clear a transaction, the user might 
not be able to see the transaction reflected in the user's account for several days. Unless a user maintains 
a record of the transaction requests submitted earlier to the system, the user may make financial 
decisions based on erroneous information. 

10 What is needed is a three tier system that provides bank customers access to a legacy database 

over an open network without requiring storage of customer transaction commands for batch processing. 

What is needed is a three tier system that supports real time execution of customer transaction 
commands that require data from more than one legacy database. 

What is needed is a system which provides bank customers with real time access and execution 
1 5 of transaction commands over an open network without modifying a legacy database management 
system to support an increased number of users. 

Summary of the Invention 

The above limitations of previously known systems are overcome by a system and method made 
in accordance with the principles of the present invention. The inventive system includes a client 

20 interface for communicating messages between a client program and an application service which 
processes client messages, a host interface for coupling the application service to a host system, and a 
local data memory coupled to the application service, the local data memory is used to store host data 
received through the host interface so the application service can process client messages with the data 
stored in the local data memory and the application service also provides update data generated during 

25 client message processing to the host system through the host interface so that host system updating and 
client message processing are decoupled whereby response time is improved. 

The local data memory coupled to the application service provides a repository for all of a user's 
data retrieved from one or more legacy databases coupled to an application service through the host 
interface. When a client program initiates a logical session to access the system through the client 
30 interface, a refresh application service queries the host system through the host interface for the user's 
data records. Some of the responsive data is stored in the local memory while other responsive data is 
used to update data from another legacy database. The data in the local data memory is used to process 
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client requests without requiring real time responses from the legacy database. After a transaction 
application service processes a client request, the local data memory and corresponding legacy database 
are updated. This structure permits a user's information to be stored in a data structure that does not 
suffer the response time delays normally encountered in legacy databases. Additionally, the decoupling 
5 of the legacy database updates from the client message processing and local data memory updating 
supports legacy database updates in a real time or near time manner. Thus, the bank's databases are 
updated and maintained without significantly impacting the ability of the system to respond in 
substantially real time to client messages once the local data memory is refreshed at the start of a logical 
session. 

10 In a more detailed aspect of the invention, the client interface includes personality logic for 

converting client requests and system response data between a client program protocol and an application 
service protocol. Specifically, presentation logic in the client interface organizes the system responses 
and prepares it for rendering at the user's computer. If the user's computer is executing a fat client 
program, such as a personal financial program like Quicken, the client program does most of the 

15 rendering processing and the personality logic need not perform much of the rendering processing. In 
user computer executing their clients, such as web browsers like Netscape Gold Navigator, relatively 
little rendering is performed by the client. As a result, the personality logic does most of the rendering in 
its generation of a description language, such as the HTML document or documents, returned to a user. 
In the preferred implementation, a plurality of client interface service applications are provided on a web 

20 server. Each client interface service may have a different personality logic and the selection of a client 
interface service for communication with a client program depends upon the types of client programs 
attempting to access the system. 

The client interface services also include personality libraries for converting client messages 
between the language supported by a client program and the language used to implement an application 

25 service. For example, a client program may provide client messages or requests in JAVA, Active X, or 
other language commonly encountered on the Internet. After the presentation logic passes the client 
message to obtain data for invoking an application service, the personality library converts the data and 
invoking command to the implementation language for the invoked application service. This structure 
permits the application services to be written in a variety of programming languages without requiring 

30 the application service or its application program interface (API) to include conversion processing. 
Instead, the presentation logic and personality library permit the client interface to be flexible regardless 
of the implementation of the client program or application service. 

The application services of the present invention are application programs that perform end user 
services such as bill payment, retail banking transactions, and credit card account support. Multiple 
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copies of the application services are provided to increase the availability of a service for a client 
program. By segregating different functions of an end user service into different application services, the 
application services may be modified and updated in an independent manner. Application services may 
be implemented in different languages such as object oriented languages like C++ or procedural 
languages like C. The application services may reside on the same computer or server as the interface to 
the local data memory or one or more application servers may be provided for application services and 
the application servers are coupled between the web server or servers on which the client interface 
services reside and the local database interface server. 

In a preferred implementation of the present invention, the local data memory is an open 
relational database managed by an open relational database management system or interface. The 
preferred open relational database management system uses a dynamically configurable pool of database 
server processes, called virtual processors, and multiple concurrent threads to service multiple 
application services. This type of architecture permits the local data memory to communicate with a 
plurality of client programs through a plurality of application services at substantially the same time. 
15 Also, the database management system in the preferred implementation supports embedded query 
language statements for the application service protocols used for the application services. This feature 
permits the application services in local data memory to be efficiently integrated with the database 
management system for support of client message processing by the application services. If the 
application services are implemented in an object oriented fashion and the local data memory is a 
20 relational database or vice versa, a database interface for converting data between the two is provided. 

In another aspect of the present invention, the system is provided with an information server and 
a server for supporting known Internet services for customer service representatives. Client messages 
received over an open network are first passed through a filtering router and delivered to a server on 
which the client interface and application services are resident, if the client messages are to be processed 

25 by an application service. Client messages which are in the format of a known internet service, such as 
E-mail, file transfer protocol (FTP), or Telnet messages, are delivered to a proxy firewall before being 
delivered to the server which supports the Internet service. Because the client interface provides a secure, 
communication to the application services, the additional security processing of the proxy firewall is not 
required for this server. Thus, the structure of the system of the present invention only provides the 

30 additional overhead associated with proxy firewall processing with those services which require these 
additional security measures provided by such known devices. That type of processing is redundant and 
therefore does not enhance communication security for the system. In fact, the additional processing of 
the proxy firewall causes delay in the response time of the application services so it is eliminated. This 
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structure is counter to that normally recognized within the computer network security art which generally 
recognizes that all servers should receive messages from proxy firewalls to enhance security. 



These and other advantages and benefits of the present invention may be ascertained from the 
detailed description of the invention presented below and the drawings discussed therein. 

5 Brief Description of the Drawings 

The accompanying drawings, which are incorporated and constitute a part of the specification, 
illustrate an embodiment of the present invention and, together with a general description given above in 
the detailed description of the embodiments given below, serve to explain the principles of the present 
invention. 

10 Fig. 1 is a block diagram of the components of a system made in accordance with the principles 

of the present invention; 

Fig. 2 is a schematic representation of a system embodying the components shown in Fig. 1; 

Fig. 3 is a block diagram of an implementation of a system embodying the components shown in 

Fig. 1. 

15 Fig. 4 is a flow diagram of data through the components of the client interface shown in Fig. 3; 

Fig. 5 is a depiction of a logical session for a user accessing the system of Fig. 3; and 
Fig. 6 is a flow diagram of data through the components of the host interface shown in Fig. 3. 
Detaiied Descri ption of the Invention 

A system made in accordance with the principles of the present invention is shown in Fig. 1 . 

20 System 10 includes one or more client interfaces 12 each of which communicates client requests and 
system responses with a client program 30 (Fig. 3) over a communication network, such as an open 
communication network like the Internet, in a known client communication protocol such as HTTP. 
Client interface 12 is coupled to one or more application services 14 which process authenticated client 
requests received from a client interface 12 using data stored in local data memory 16. Application 

25 services 14 may perform different customer functions which implement customer support services, such 
as a bill payment service, retail banking service or the like. This structure permits segregation of the 
components for performing the various customer services for ease of maintenance and to facilitate 
communication with the back end or host processing systems which communicate with system 10 
through host interface 20. The back end processing systems may be a database manager for a legacy 
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database, a conventional remotely accessible database such as a credit service database, or some other 
type of data repository for customer financial data or the like. Host interface 20 converts data messages 
between an application service protocol used to implement an application service 14 and the host 
protocol for a back end system coupled to system 10 through host interface 20. 

Local data memory 16 supports application service 14 by providing a local data repository for 
storing user data records that are refreshed from the host systems through host interface 20 at the 
initiation of a logical session. In a manner discussed in more detail below, user data stored in local data 
memory 16 is updated with data from the legacy systems each time a user initiates a logical session by 
logging into system 10. Thereafter, application services 14 process client requests using data stored in 
local data memory 16, and provide legacy data update messages to host interface 20 for modification of 
the host system data records. Thus, local data memory 16 acts as a cache memory for user data during a 
logical session. Use of local data memory 16 as a cache to support processing of client requests by an 
application service 14 and permit decoupling of host system updates from client request processing is 
previously unknown. Use of local data memory 16 as a cache for user data permits system 10 to be 
accessed by customers over an open network, such as the Internet, in substantially real time. 
Consequently, a financial institution may provide end user services and timely update records in its 
legacy databases without delaying responses provided by application services 14 to client requests, even 
though the number of client programs attempting to access the system exceeds the design limits of the 
host systems. In order to reliably support system 10's capability to provide end user services, local data 
memory is implemented with a highly available platform, which means the memory and its management 
are implemented on hardware that is hardened or provided with redundant capability to improve its 
reliability. 

System 40 conforms to the structure of system 10 and provides more detail for implementation 
of the system over the Internet. A customer may utilize a PC or any other personal digital assistant 
25 (PDA) 28 executing a client program 30 to communicate over an open network. Computer 28 may be 
coupled to a firewall 32 to provide a more secure communication link to Internet 34. Client requests and 
system responses between system 40 and client programs 30 are communicated through filtering router 
44. Filtering routers are well known within the art. Filtering routers interrogate the source and 
destination addresses of open network messages communicated through the router to verify that the 
30 source and destination addresses conform to the requirements for communication through the router. For 
example, filtering router 44 does not pass communication messages through it which have a source 
address which corresponds to the same network for the destination address. This prevents a "spoofing" 
attack where a computer outside a computer network attempts to emulate another computer on the 
network to which the destination address computer is coupled, to exploit lower security measures for 
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computers on the same network. Messages from client programs 30 to system 40 may be routed by 
filtering router 44 to an information server 48, web server 50, or customer service computer 52. 
Messages to customer service computer 52 preferably first pass through proxy firewall 54. 

Information server 48 contains non-confidential information and files which may be provided to 
5 a client program 30. This information and files may be related to services available once a user becomes 
a customer or client of the institution that supports its customers using system 40. If a user 
communicates with system 40 using a client program 30, the data messages include identifiers that can 
be tested by filtering router 44 to determine whether a data message from client program 30 is a client 
request which is routed to web server 50 or an Internet service message which is routed to customer 

10 service computer 52. Web server 50 may execute one or more client interface service applications, each 
of which implements a client interface 12 for supporting communication between system 40 and client 
program 30. Database server 58 includes local data memory 16 and its management interface. Database 
server 58 is preferably a highly available platform which means the hardware is more reliable and robust. 
However, such systems are more expensive than conventional computer systems. Although database 

15 server 58 may execute one or more application services 14 and one or more host interface services for 
host interface 20, application services 14 and the host interface services preferably reside and execute on 
one or more application servers 56 and one or more host communication servers 60, respectively. As 
discussed in more detail, servers 56 and 60 are implemented on hardware platforms that are not rated as 
being as highly reliable as server 58. Although the servers 56, 58, and 60 are shown coupled in point-to- 

20 point links, Fig. 2 illustrates data flow and not physical connections. Thus, the reader should appreciate 
that servers 56, 58, and 60 may be coupled in a ring network or other physical connecting configuration. 
Application services 14 process authenticated client requests received from web server 50. Application 
services 14 communicate with the host systems controlling access to the legacy databases or other back 
end host systems through host interface 20. When a user wants to communicate an Internet service 

25 message, such as e-mail, to a customer service representative, the message is provided through proxy 
firewall 54 to the e-mail service for delivery to a customer service computer 52. The customer service 
representative may then utilize information in the e-mail message to verify or correct user data through 
an application service 14 and local data memory 16. 

A more detailed view of a system implementing the principles of the present invention is shown 
30 in Fig. 3. Using like numbers to identify like components, system 62 is coupled to Internet 34 through a 
client interface 12. As discussed above, multiple copies of client interface services, which are 
application programs residing and executing on web server 50, implement a client interface 12 for an 
application service 14. Application services 14 are application programs that typically reside and 
execute on one or more application servers 56. System 62 is coupled to the host systems for the legacy 
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databases and back end processing systems through a host interface 20. As discussed above, multiple 
copies of host interface services, which are application programs typically residing and executing on one 
or more communication servers 58, implement a host interface 20 for an application service 14. 

Preferably, communication between client interface 12 and an application service 14 and 
5 communication between an application service 14 and host interface 20 are implemented with a 
transactional processing (TP) monitor, such as the Tuxedo version 6.1 TP monitor available from BEA 
Systems of Sunnyvale, California. TP monitors are well known and include a name service that handles 
an application service call by identifying an available copy of an application service identified in an 
application call and passing the parameters from the application service call to the application program 
10 interface ("API") for the available application service. The TP monitor balances the load between the 
application service calls and the available application services and makes the locations of the available 
applications transparent to the client interface service programs and host interface service programs 
communicating with the application services. 

In more detail, information server 48, web server 50, application server 56, and communication 
15 server 60 may be Hewlett-Packard ("HP") D250 class computers having 256MB of RAM, a 8GB hard 
drive, an associated terminal, and a CD-ROM drive. Database server 58 may be a HP D260 class 
computer having 1 GB of RAM, 8GB hard drive, and associated terminal, and a CD-ROM drive. 
Firewall 54 may be an Interceptor Firewall/PC available from Network Technologies. 

The operating system on information server 48, application server 56, database server 58 and 
20 communication server 60 may be the HP-UX operating system available from Hewlett-Packard. The 
HP-UX operating system is a version of the UNDC operating system. Web server 50 operates under a 
secure operating system, such as the Virtual Vault Operating System (WOS) available from Hewlett- 
Packard. Communications with client programs 30 over Internet 34 for information server 48 are 
preferably supported by a Netscape Enterprise Server program resident on information server 48. 
25 Communications with client programs 30 over Internet 34 for web server 50 and proxy firewall 54 are 
also supported by a Netscape Enterprise Server. The Netscape Enterprise Server uses an open Secure 
Sockets Layer ("SSL") protocol for communication with client programs 30. The SSL protocol provides 
encryption, server authentication and message integrity incorporating RSA data security software. The 
Netscape Enterprise Server includes a Netscape Server Application Programming Interface ("NSAPI") 
30 for integrating the server software with the client interface services residing and executing on web server 
50. 

Application services 14 are preferably application programs written in a higher level 
programming language, such as C or C++. Database server 58 also includes local data memory 16 which 
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is preferably implemented with the INFORMIX — On-line Dynamic Server, version 7.1. This is a 
relational database management system ("RDBMS") for managing data operations between local data 
memory 16 and application services 14. INFORMIX Dynamic On-line Server is a commercially 
available server of INFORMIX Software, Inc. of Menlo Park, California. The dynamic server of the 
5 preferred embodiment uses a configurable pool of database server processes and multithreading to 
efficiently process database commands and other messages communicated with application services 14 
without delaying application service processing and communication with client programs 30. Other 
embodiments of local data memory 16 are possible as long as the embodiment is a highly available 
platform with sufficient storage and access times to provide a cache memory for user data during a 

10 logical session. For example, local data memory 16 may be an object oriented database or a RAM 
memory with a memory access controller. Local data memory 16 may also be implemented with more 
than one memory such as a database cluster. Where application services 14 and local data memory 16 
are implemented with different architectures, a converting interface may be required. For example, an 
application service 14 written in a procedural language may require a relational/object interface if local 

15 data memory 16 is a data object repository. Likewise, such an interface may be required when 
application service 14 is implemented in an object oriented language such as C++ and local data memory 
is a relational database. 

To further enhance secure communications between computers in system 62, information server 
48, web server 50, database server 58 and customer service computers 52 may use a communication 

20 program which replaces the communication utilities in the various types of operating systems used in 
system 62. One form of such secure communication software has an access control database which 
contains rules regarding the types of encryption supported by the computer on which it resides, 
identification information for the computer user or host, permissible addresses, and other computer 
security network communication parameters. When communication is attempted between two 

25 computers executing copies of the communication program, the program residing on the computer 
initiating communication communicates with its counterpart in the other computer to identify a set of 
common compatible protection parameters which may be used to wrap the data in a transport 
encapsulation protocol for communication security. Once the common compatible security parameters 
have been identified, data messages not conforming to the selected security parameters cause the 

30 receiving computer to terminate the communication link with the other computer, and an audit of the 
message is conducted to determine the type of security breach being attempted. Such a program is 
commercially available from Security First Technologies of Atlanta, Georgia and is denoted by the 
trademark Hannah. 
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Use of a computer communication security program, like the one discussed above, on all 
computers of system 62 reduces the likelihood that a disgruntled customer service representative or other 
employee of the institution implementing system 62 is able to access data for which the representative or 
employee is not authorized. This is an important security aspect of the present invention as many lapses 
5 in communication security are those perpetrated by an employee exceeding his or her authority for 
whatever reason. 

Firewall 54 permits customer service computers 52 which are coupled together through a 
computer network to utilize internet services, such as e-mail, World Wide Web, FTP, Telnet, Rlogin and 
Usenet in a secure manner. The system includes a network access controller that interrogates a 

10 connection request for a protected service to determine whether the request should be granted. 
Typically, the request is evaluated on the type of service requested and the source and destination 
addresses for the connection. Each Internet service may also include a proxy server as part of firewall 54 
which may require special authentication prior to activating the service for the connection. After 
activating a service, the proxy server logs the connection and monitors the commands which are 

1 5 transferred between the source and destination addresses. The proxy server may disable or log specific 
service commands as well as information regarding the messages transferred through the connection. 

As can be seen in Figs. 2 and 3, a system made in accordance with the principles of the present 
invention provides Internet services for customer service computers 52 through firewall 54 while user 
transaction information is provided directly from filtering router 44 to web server 50. One advantage of 

20 this structure is that proxy firewall 54 processes security constraints for communication more slowly 
than router 44. This time difference in processing primarily arises from the additional processing of the 
Internet service proxies and the separation of the communication sockets so the service proxies can 
monitor the commands. Filtering router 44 primarily verifies that the source and destination addresses 
conform to communication constraints and then passes the message to the appropriate destination. At 

25 web server 50, the Virtual Vault Operating System of the preferred embodiment receives client requests 
which have had their source and destination address verified by router 44. The secure web server 
verifies the user identification data and forwards the client request to an application service 14. Because 
the functions performed by proxy firewall 54 are redundant in view of the security processing performed 
by server 50, communications are not routed through firewall 54. As a result, communication speed is 

30 enhanced by this structure without jeopardizing security. 

A block diagram of the structure of client interface 12 is shown in Fig. 4. The interface includes 
presentation logic 80 and a personality library 82. Presentation logic 80 performs three functions: (1) 
authenticate and parse client requests; (2) make an application service call using data from parsed client 
requests; and (3) generate and output system responses from data returned from application services. 
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The authentication and parsing of the client request is to verify the content of the request. This data is 
then incorporated in an application service call which invokes personality library 82. Personality library 
82 converts data from a parsed client request to a format compatible with the API for the application 
service identified in the application service call. For example, client interface 12 may receive a client 
5 request in an HTML file from a client program 30. After the request is authenticated and parsed by 
presentation logic 80, the data from the request identifying a source account, a transfer amount, and a 
destination account, for example, is converted to an application service call by personality library 82. If 
the application service is written in an object language, such as C++, personality library 82 converts the 
data to an object oriented protocol for the application service. If the application service is written in a 

10 procedural language such as C, the data parsed from a client request is provided in a C programming 
language data structure to the API for the application service. Personality libraries 82 may be used to 
convert data from the application layer of the communication protocol supported by presentation logic 80 
to a variety of implementation languages for application services 14. For example, JAVA, Visual Basic, 
C, C++, and other languages may each be supported by a separate personality library 82. The invoked 

15 application service processes the client request using data from local data memory 16 and returns 
response data to client interface 12. Continuing the example, personality library 82 of client interface 12 
then converts the response data to a form compatible for HTML files and presentation logic 80 builds an 
HTML document that is sent to client program 30. Although the preferred presentation logic 
communicates with client programs using HTML documents, other communication protocols may be 

20 used. 

The presentation of data to a user at a computer 28 is a function of user interface rendering 
performed by presentation logic 80 and client program 30. When client program 30 is a fat client, such 
as a personal financial manager program, for example, Quicken or Money, client program 30 includes 
software that does much of the data rendering displayed at computer 28. As a consequence, presentation 

25 logic 80 in a client interface service implementing client interface 12 for the fat client program 30, 
contains relatively little user interface rendering software as that function is primarily controlled by 
client program 30. On the other hand, when client program 30 is a thin client that performs relatively 
little user interface rendering, such as a commercial web browser, presentation logic 80 includes more 
user interface rendering software to control the presentation of data by thin client program 30. By 

30 implementing various client interface services having different presentation logic 80 and different 
personality libraries 82, different versions of client interface 12 may be provided to support various 
client programs 30 and implementations of application services 14 in different programming languages. 

As shown in Fig. 5, a user logs into system 62 to initiate a logical session and then logs off to 
end the logical session. Because open network communication does not establish and maintain a single 
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communication link between a client program 30 and system 62, a logical session is comprised of a 
plurality of session interactions. A session interaction is comprised of a client request being transmitted 
to a client interface 12 residing on web server 50, the processing of that client request by an application 
service 14, and flic generation and transmission of a system response to client program 30. The session 
5 interaction is then terminated until the next session interaction is initiated during the logical session. 
When the last client request is a logoff message, application service 14 recognizes an end of a logical 
session for a user. If a logoff message is not received, which is possible as a user can simply select 
another web site without sending a logoff message to system 62, application service 14 recognizes the 
end of a logical session because web server 50 provides the login communication to the user when the 
10 user returns to web server 50. As a result, the user sends a new login client request which terminates the 
prior logical session and initiates a new logical session. 

Identification and authentication of web server 50 and client program 30 is achieved through use 
of a public/private key scheme. At the initiation of a logical session, client program 30 and web server 
50 authenticate one another using a known security protocol such as the Secure Sockets Layer ("SSL**) 

15 protocol. Once web server 50 and client program 30 have established their respective authenticity, web 
server 50 examines an external token in a cookie field of a client program message to determine whether 
the external token has expired. If it has, client program 30 is required to send a login message to initiate 
a logical session with web server 50. If the external token is unexpired, the client message is 
authenticated by web server 50. Because known security protocols, like SSL, use a single session key for 

20 encrypting communications during a logical session, another could decipher this key, especially if it has 
a relatively small bit size, for example, forty (40) bits. With this information, another can decrypt the 
contents of the messages between client program 30 and system 62 to obtain information for generating 
messages that appear to be from an authorized client program 30. To reduce the likelihood of this 
security breach, system 62 generates a separate external token for each session interaction. Thus, even if 

25 the security protocol key is deciphered, the external token cannot be easily predicted and included in a 
"spoofing" message. To further enhance security within web server 50 and reduce the likelihood that an 
application service call is forged, an internal token is also generated for each session interaction. The 
new external token and internal token are provided to client interface 12 which passes the internal token 
along with the client request as converted by personality logic 82 to application service 14. The internal 

30 user token is returned by application service 14 with response data and client interface 12 returns the 
response data converted to the client interface protocol along with the new external token to client 
interface 12. Presentation logic 80 of client interface 12 organizes the responsive data and returns it in 
the communication protocol compatible with client program 30 along with the new external token. For 
the next session interaction, client program 30 returns the new external token received from web server 

35 50 as the external token for the next session interaction. The modification of the external token for 
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session interaction authentication improves the security of communication between client programs 30 
and system 62. The internal token is algorithmically examined without requiring access to database 
information. The examination is computationally efficient as the internal token is examined at each 
application service call. This reduces the number of accesses required for local data memory 16 and 
improves the response time for local data memory that would otherwise be impacted by memory 
accesses to verify application service calls. Interrogation of the internal token for each application 
service call reduces the likelihood that an unauthorized access of an application service can be obtained 
by forging a service call inside system 62. When the security service generates a new external token, it 
is stored in the local data memory so the security service can verify the next session interaction with a 
client program 30. 

Successful initiation of a logical session results in client interface 12 generating a client refresh 
application service call. The refresh application service examines the user token and the configuration 
information for the user's records to determine which records stored in local data memory 16 require 
refreshing. The refresh request processed by the refresh application service may either be a user refresh 
request or an account refresh request. A user refresh request is processed by the refresh application 
server by first identifying the periodicity of data updating performed at the back end processor coupled to 
system 62 through host interface 20 and then querying the back end processor through the host interface 
if the update interval indicates recent account information might be available. For example, a user may 
have certificate of deposit ("CD") accounts, savings accounts, and checking accounts with the financial 
institution that provides customers access to their accounts through system 62. In this example, the CD 
accounts are updated in nightly batch processing, and savings and checking accounts are updated in real 
time. If the user has accessed the system since the last nightly batch processing no query for data from 
the back end processor of CD account information is generated. Because the savings account and 
checking account information are updated in real time, refresh requests are generated for both back end 
processors supporting this account information and the retrieved information is used to update the local 
data memory 16. If an account refresh is requested, the specified account for the user is obtained through 
the host interface 20. Data retrieved from the back end processing systems through the host interface 20 
are provide to local data memory 16 to update the user data in that memory. 

In banking applications, reconciliation of cleared transactions stored in a back end processing 
system with transaction data manually entered by a user is important for accurate accounting. This 
reconciliation is performed by a matching application service which identifies the transactions stored in 
the local data memory which have been stored as cleared transactions in the back end processing system. 
Changing the status of these manually entered transactions to a cleared status allows application services 
to accurately process client requests with the information stored in local data memory 16. 
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In a preferred implementation of the present invention, application services 14 may be grouped 
in three functions, namely, retail bank application services, bill pay services, and credit card services. 
The retail bank application services are processed by an account service application. The account 
application service may be used to obtain and edit a bank register or bank statement. A bank register 
5 shows all transactions for a user, including both cleared and pending transactions, while a statement 
shows only cleared transactions. A client request to view a user's register, causes account application 
service 14 to query local data memory 16 for all transaction records and these are returned to client 
interface 12 by account application service 14. Client messages to edit a record may be sent by client 
program 30 and processed by the account application service. A pending transaction may be edited to 

10 modify or delete payment while unclear transactions may be edited to modify or delete the transaction. 
The statements may only be displayed as they are only directed to cleared transactions. Account 
application services may also be used to perform immediate transfers between accounts. The bill pay 
client requests are preferably processed by a bill pay application service. The bill pay application service 
allows a user to make a new payment to an existing payee, define a new payee and a payment to that 

15 payee, edit information regarding a payee identify a group of payees, provide a recurring payment 
instruction or modification of such an instruction. The credit card client requests are processed by a 
credit card service application which permit the display and editing of a credit card statement. 

Communications between a server on which application services are resident and host interface 
20 are shown in Fig. 6. As shown in that Fig., an application service 14 communicates with a host 

20 interface service program for a host interface 20 in either a real time or near time manner. Preferably, all 
application services 14 make host interface service calls through the TP monitor discussed above. The 
TP monitor links the requesting application service 14 to an available host interface service. Requesting 
application service 14, via configuration information, determines whether the host interface, service call 
can be provided to an available host interface API as a real time message or placed in a queue to await 

25 delivery to the next available host interface service. Host configuration information indicates whether 
each host coupled to a host interface 20 responds in a real time, near time, or batch mode. If the host 
responds in a real time manner, the host interface service call is provided to the host API so host 
interface 12 converts the host interface service call from the application service protocol to a message 
format conforming to the identified back end processing system host. This message is then encapsulated 

30 in the correct communication protocol for the identified host system and provided to the host system. 
Upon transfer of the message from the host API to host interface 20, application service 14 is provided 
with the response of the corresponding host system. If the configuration information indicates that the 
host responds in a near time manner, the message is placed in a queue for host interface 20 and host 
interface 20 processes the messages as they are emptied from the queue by a queue forwarding agent 

35 process. Host API responds to application service 14 with a signal indicating that the request has been 
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queued to the host. If application service 14 expects no response, such as when an update message is 
delivered to host interface 20, application service 14 continues its processing without providing any 
response information to client program 30. If a response is expected by client program 30, application 
service 14 sends a message indicating the request is being processed and that a response from the host 
5 system can be obtained at a later time. The host configuration information of the present invention 
allows the host API to adapt the delivery of messages to the host interface so that those back end 
processing systems that respond in real time are not encumbered by those hosts that respond in near time. 
This also simplifies programming of the application services as all of them are written for real time 
responses and the API handles exception processing. 

In use, an institution which implements system 62 provides the customers with a customer 
identifier and password through an off-line manner, such as regular mail service. Using a client program 
30 on the user's client computer 28, the user may access information server 48 to gain access to non- 
confidential information. To review account information or to direct transactional activity, a customer 
initiates a logical session with system 62. Subsequent session interactions for the logical session are 
authenticated with the facilities of the communication security protocol as well as the external token 
authentication mechanism of system 62. The authenticated client requests are converted by presentation 
logic 80 and personality library 82 of client interface 12 to an application service call for an application 
service 14. At initiation of a logical session, a refresh application 14 determines those user records 
requiring updating and obtains user records through host interface 20. This data is then converted to a 
format supported by local data memory 16 and stored in local data memory 16. Application service 14 
now processes client requests received in subsequent session interactions using data from local data 
memory 16 and returns a response to client interface 12. Application service 14 also generates host 
record update messages which are provided to host interface 20 for delivery to the corresponding host. 
Thus, the processing of client requests by application service 14 is not delayed by communication with 
hosts for the legacy databases and other back end processing systems, except for the initial retrieval of 
records, and the data integrity of the records in local data memory 16 and the legacy database is 
maintained. 

While the present invention has been illustrated by a description of various embodiments of the 
present invention and while the embodiments have been described in considerable detail, it is not the 
30 intention of the applicant to restrict or anyway limit the scope of the appended claims to such detail. 
Additional advantages or modifications will readily appear to those skilled in the art. For example, client 
programs 30 may be coupled to client interface 12 through a telecommunication link in a point-to-point 
connectivity manner to gain the efficiencies of the three tier model with a local data memory so 
telecommunication connect time and charges are reduced for customer access. The inventions broader 
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aspects are therefore not limited to the specific details, representative apparatus and method, or 
illustrative examples shown and described. Accordingly, departures may be made from such details 
without departing from the scope or spirit of applicants general inventive concepts. 

What is claimed is: 
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I. A financial transaction system for supporting communication between a plurality of 
financial institution customers and at least one financial institution back end processing system 
comprising: 

5 an application service for processing client requests from a client program executing on a 

customer's computer; 

a client interface for communicating messages between said client program and said appbeation 

service; 

a host interface for coupling said application service to a back end processing system for a 
1 0 financial institution; and 

a local data memory coupled to said application service, said local data memory for storing 
customer data refreshed with data received through said host interface, said application service processes 
said client messages received through said client interface with said customer data stored in said local 
data memory. 

15 2. The system of Claim 1 , said client interface further comprising: 

presentation logic for communicating with said client program in a client program protocol; and 

a personality library for converting application service calls generated by said presentation logic 
with data from said client messages to an application service protocol and for converting responsive data 
received from said application service to said client program protocol. 

20 3. The system of Claim 2 wherein said presentation logic parses said client messages, 

authenticates said client program sending said client messages, generates said application service calls 
with data from said client messages, and generates output for said client program. 

4. The system of Claim 3 wherein said presentation logic renders output for a Cat client 
25 program. 

5. The system of Claim 3 wherein said presentation logic renders output for a thin client 
program. 



-19- 



WO 99/17240 PCT/US98/11173 

6. The system of Claim 2 wherein said personality library converts application service calls 
to one of Java, ActiveX, C, or C++. 

7. The system of Claim 1 further comprising: 

a transactional processing (TP) monitor for coupling said client interface to said application 
5 service and for coupling said application service to said host interface. 

8. The system of Claim 7, said TP monitor having host configuration data for identifying 
whether said back end processing system is one of a real time and a near time system. 

9. The system of Claim 1 wherein said local data memory is one of a relational data base 
system, a data object repository, a random access memory (RAM) with a memory access controller, and 

10 a cluster data base. 

10. The system of Claim 1 wherein said client interface program is coupled to a plurality of 
client programs over an open network. 

11. A method for providing financial institution customers access to their accounts at a 
financial institution comprising the steps of: 

15 initiating a logical session between a client program and a client interface; 

refreshing data in a local data memory with customer data received from a back end processing 
system through a host interface; 

processing client requests using the refreshed data stored in the local data memory; and 

sending system responses generated from processing said client requests to said client program 
20 through said client interface. 

12. The method of Claim 1 1 further comprising the steps of: 

generating back end processing system updates from processing said client requests; and 

sending said back end processing system updates to said back end processing system through 
said host interface. 

25 13. The method of Claim 1 1 wherein said initiating step further comprises the steps of: 

authenticating said client program for access to said back end processing system; and 
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sending secret data decrypted from a message received from said client program to authenticate 
said client interface to said client program. 

14. The method of claim 1 1 further comprising the steps of: 

verifying an external token to authenticate a session interaction during a logical session; 

5 generating a new external token for authenticating a next session interaction during said logical 

session; and 

returning said new external token to said client program through said client interface. 

15. The method of Claim 14 further comprising the steps of: 
generating an internal token during a session interaction; and 

10 passing said internal token to an application service for authenticating an application service call. 
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